IPS MC Never Block Masks IDS4 vs. IPS5 - Cisco Community

319

Views

0

Helpful

1

Replies

Using the IPS Management Center 2.1 I can create a never block entry 9.xxx.0.0/255.255.128.0 for an IDS4 sensor, but when I do this with an IPS5 sensor (both IDSM-2s) I get the error message: Error

Object update failed. Validation exception during object update.Netmask is invalid for the given IP address

Of course I can create the entry for a version 4 sensor and use the copy wizard to copy it to the version 5 sensor and that works as long as one doesn't edit the entry, but it is a pain. Maybe you can fix this in the next release.

1 Reply 1

I have not used the IPS MC 2.1.

But I do know that the format in the IPS 5.0 CLI and IDM has changed from version 4.1 and 5.0.

In version 4.1 the netmask used 255.255.128.0 format. In version 5.0 the format changed to specifying the number of digits used for the network /17.

You might check to see if IPS MC is now expecting the /17 format when configuring 5.0 sensors.

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community

Review Cisco Networking for a $25 gift card